Study your flashcards anywhere!

Download the official Cram app for free >

  • Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off

How to study your flashcards.

Right/Left arrow keys: Navigate between flashcards.right arrow keyleft arrow key

Up/Down arrow keys: Flip the card between the front and back.down keyup key

H key: Show hint (3rd side).h key

A key: Read text to speech.a key


Play button


Play button




Click to flip

41 Cards in this Set

  • Front
  • Back
What is group Policy?
A method of controlling settings accross your network. Group Policies can be assigned to sites, domains or OUs and are applied to users and computers within these AD containers.
What are the user benefits of group policy?
user environment can be set up to be consistent and applications that become damaged can be updated or maintained automatically
What is the difference between Local GPOs and nonlocal GPO's?
Local GPo's are non-AD and non-local are site and AD organizational
Where is the content of a nonlocal
GPO stored?
in a GPO container and in a GPTemplate
What is the Group Policy Container Object?
It includes subcontainers that hold GPO. Default Group Policy Containers are named according to the Globally Unique Identifier (GUID)that is assigned when it is created when AD is installed.
What is inheritance?
If you create a GPO from the domain Object in AD Users and Computers, it applies to all users and computers in the domain. On a larger scale, if a GPO is created for a site that contains multiple domains, the GP is applied to all domains and the fhild objects contained with in them.
What is a node?
A parent structure that holds all related settings.
What are the three subnodes within the computer configuration and the user configuration nodes?
Software settings (solitaire), Windows settings (control panel) and administrative templates (security templates)
hat are the five administrative templates?
system.adm, intres.adm, Wuau.adm, Wmplayer,adm, and conf.adm
Where do the settings to the Administrative Templates folder of the User Configuration node write changes to?
the HKEY-CURRENT-USER registry key
Where do settings in the Computer Configuration note write changes to?
What is sychronous processing?
One at a time. This applies to user policies.Each policy must be read and applied completely before the next policy can be involked.
What is asychronous?
This is logon scrypts. they run all at the same time. The user's desktop appears after all policies and scripts have been processed.
What is no override?
It doesn't allow the settings to be changed by any other policies.
What is Block Policy Inheritance?
It blocks all policies from parent containers from flowing to the next container except in the case of no overide.
What is loopback?
It allows for two settings: Merge and Replace.
What is Merge in the loopback setting?
It is reapplying the computer setting and using them if they don't conflict
What is replace in the loopback setting?
It is using only the new computer policy settings for the end user
Where are Security Policies configured?
In the computer configuration node of a GPO
What is included in Account Policies?
Password Policy, Account lockout policy, Default domain policy GPO including Kerberos Policy settings.
What are Local Policies?
Contains local computer policies which include the three subcategories of Audit Policy, User Rights, Assignment, and Security Options
What is an Event Log Policy?
Event Viewer Logs, Maximum Size, Retention size and accessibility
What is Kerberos Policy?
It is for domain user accounts only. It is the default mechanism for authenticating domain users for servers 2003 and Microsoft Windows 2000. It is a ticket based system that allows domain access by using a Key Distrubution Center (KDC) to issue session tickets to users.
What do audit policies apply?
They apply to an event you decide to audit such as logon events, successful logon attempts, failed logon attempts, or both. Auditing is turned off by default.
What determines which computers, resources and events you will audit?
You will determine which pertinent items to audit.
What is the Restricted Groups Policy?
This setting allows administrators to have control over the members property and Members of property within a security group.
What is a System Services Policy?
These settings can be used to define the startup mode and access permissions for all system services.
What are Registry and File Ssytem policies?
These settings can be used to set access permissions to audit settings for specific registry keys or file system objects
What are Wireless netowrk policies?
Allows definition of a policy for IEE 802.11 wireless netowrk
What are Public Key Policies?
This node includes options to create an Encrypted File System (EFS), automatic certificate request, trusted root certificates, and an enterprise trust list.
What are Software Restriction Policies?
Can be used to specify software that you wish to run on computers. It can be used to disallow applications that might pose a security risk to the computer or organization.
What is Ipsec Policy on Active Directory?
Includes policy settings that allow an administrator to define mandatory rules applicable to computers on an IP-based netowrk.
What are Public Key policies?
It includes the Enterprise Trust Policy that allows the administrator to list the trusted sources for certificates. In addition, autoenrollment (smart card)settings can be specified for the user within this node.
What are Software Restriction Policies?
This policy can be used to specify software that you wish tgo run for the user. Specifically, it can be used to disallow applications that might pose a security risk if run.
How do Policy Settings Created within the Computer Configuration apply?
They apply to a computer regardless who is logging on. More security settings can be applied to a specific computer than to a specific user.
What is the first step to take in implementing your audit policy plan?
First you have to have the Manage auditing and Security Log user right for the computer you want to configure a policy or review a log. This right is granted by default to the administrator group. Any files or folders to be audited must be located on the NTFS volums.
What is Certificate autoinrollment?
Smart cards. Requirements are Windows XP or Windows Server 2003, An Enterprise CA running on Windows Server 2003 Server and At lease one Version 2 Certificate template.
What are the high-level tasks that need to be completed in order to configure autoenrollment for smartcard logon?
Install and configure Enterprise CA. Define an autoenrollment certificate template. Assign the appropriate user permissions to the certificate template. Add the autoenrollment certificate template to the Enterprise CA. Modfify the Default Domain Policy GPO security settings to allow autoenrollment of certificates.
What is folder redirection?
I.E. Take my documents from local box and put it on the server.
What is tatooing?
The term means that the setting continues to apply until it is reversed using a policy that overwrites the setting.
What is the Offline Files Policy?
It allows files to be available to users when they are disconnected from the network.